0 Comments


Before releasing a new website, it's always good to optimize your configuration for production. Here are some suggestions:

Security

ID

Items

    Image result for tickbox icon

    Protect Admins Pages

    1. Cache (/Sitecore/admin/cache.aspx)
    2. Database Browser (/stecore/admin/dbbrowser.aspx)
    3. Serialization (/stecore/admin/serialization.aspx)
    4. Show Config (/sitecore/admin/showconfig.aspx)
    5. Size Status (/sitecore/admin/sizestatus.aspx)
    6. Stats (/sitecore/admin/stats.aspx)
    7. Unlock Admin (/sitecore/admin/unlock_admin.aspx)
    8. Installation wizard (/sitecore/admin/UpdateInstallationWizard.aspx)

      Image result for tickbox icon

        Turn on custom Errors

        Update production web.config

        <customErrors mode="RemoteOnly" />

          Image result for tickbox icon

            Reset admin password. It would be embarrassing to go live with password "b" =)

              Image result for tickbox icon

                Ensure replace develop license file before going live

                Performance

                  Image result for tickbox icon

                    Configure Keep-Alive

                    <agent type="Sitecore.Tasks.UrlAgent" method="Run" interval="00:15:00">
                            <param desc="url">/sitecore/service/keepalive.aspx</param>
                            <LogActivity>true</LogActivity>
                    </agent>

                      Image result for tickbox icon

                        Disable WebDAV

                        Sitecore Recommendation

                        Sitecore recommends disabling WebDAV on the production content delivery servers to reduce the number of log files being created. Also, Sitecore recommends disabling WebDAV on the content management servers if the WebDAV functionality is not being used.


                        1.Disable logging

                        2.  <!--<appender name="WebDAVLogFileAppender" type="log4net.Appender.SitecoreLogFileAppender,
                        3.  Sitecore.Logging">
                        4.   <file value="$(dataFolder)/logs/WebDAV.log.{date}.txt" />
                        5.   <appendToFile value="true" />
                        6.   <layout type="log4net.Layout.PatternLayout">
                        7.   <conversionPattern value="%4t %d{ABSOLUTE} %-5p %m%n" />
                        8.   </layout>
                        9.   </appender>--> 
                        10.  
                        11.<!--<logger name="Sitecore.Diagnostics.WebDAV" additivity="false">
                        12.    <level value="INFO"/>
                        13.    <appender-ref ref="WebDAVLogFileAppender"/>
                          </logger>-->

                        14.Disable webserver

                        15.<!--<remove name="WebDAVModule" />-->
                        16. <!--
                        17.<add name="WebDAVRoot" path="*" verb="OPTIONS,PROPFIND" modules="IsapiModule"
                        18.scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll"
                        19.resourceType="Unspecified" preCondition="classicMode,runtimeVersionv2.0,bitness32" />
                        20. <add name="WebDAVRoot64" path="*" verb="OPTIONS,PROPFIND" modules="IsapiModule"
                        21.scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll"
                        22.resourceType="Unspecified" preCondition="classicMode,runtimeVersionv2.0,bitness64" />
                        23. <add verb="*" path="sitecore_webDAV.ashx"
                        24.type="Sitecore.Resources.Media.WebDAVMediaRequestHandler, Sitecore.Kernel"
                        25.name="Sitecore.WebDAVMediaRequestHandler" />
                        -->

                        26.Disable httphandler

                        27. <!--
                        28. <add verb="*" path="sitecore_webDAV.ashx"
                        29.type="Sitecore.Resources.Media.WebDAVMediaRequestHandler, Sitecore.Kernel" />
                         -->

                          Image result for tickbox icon

                            Disable Performance Counters

                            Sitecore Recommandation

                            Performance counters create a minor overhead and is recommended to be enabled only when running in troubleshooting mode

                             <setting name="Counters.Enabled" value="false" />

                              Image result for tickbox icon

                                Disable Memory Monitor

                                Sitecore Recommandation

                                Sitecore recommends disabling the Memory Monitor in production environments, and only enabling it for troubleshooting memory related issues.

                                 <setting name="Counters.Enabled" value="false" />
                                <!--<hook type="Sitecore.Diagnostics.MemoryMonitorHook, Sitecore.Kernel">
                                 <param desc="Threshold">800MB</param>
                                 <param desc="Check interval">00:00:05</param>
                                 <param desc="Minimum time between log entries">00:01:00</param>
                                 <ClearCaches>false</ClearCaches>
                                 <GarbageCollect>false</GarbageCollect>
                                 <AdjustLoadFactor>false</AdjustLoadFactor>
                                 </hook>-->

                                  Image result for tickbox icon

                                    Ensure sufficient cache size

                                    SEO

                                    Image result for tickbox icon


                                    Title Tag

                                    The <strong>title</strong> tag is required in all HTML documents and it defines the title of the document. This tag displays the page title in browsers toolbar and in the search-engine results (SERPs). It also provides a title for the page when it is added to favorites. A descriptive <strong>title</strong> tag is important in helping search engines determine the web page's relevancy for certain keywords.




                                      Image result for tickbox icon

                                        Meta Description

                                        The meta description tag is meant to be a short and accurate summary of your page content. This description can affect your search engine rankings and can also show up directly in search engine results (and affect whether or not the user clicks through to your site).

                                          Image result for tickbox icon

                                            <h1> Headings Status

                                            This indicates if any H1 headings are used in your page. H1 headings are HTML tags than can help emphasize important topics and keywords within a page.

                                              Image result for tickbox icon

                                                <h2> Headings Status

                                                This indicates if any H1 headings are used in your page. H1 headings are HTML tags than can help emphasize important topics and keywords within a page.

                                                Image result for tickbox icon

                                                Check Robots.txt

                                                Check if your website is using a robots.txt file. Search engines send out tiny programs called spiders or robots to search your site and bring information back so that your pages can be indexed in the search results and found by web users. If there are files and directories you do not want indexed by search engines, you can use the "robots.txt" file to define where the robots should not go.

                                                These files are very simple text files that are placed on the root folder of your website: www.yourwebsite.com/robots.txt.

                                                There are two important considerations when using "robots.txt":

                                                - the "robots.txt" file is a publicly available file, so anyone can see what sections of your server you don't want robots to use;

                                                - robots can ignore your "robots.txt", especially malware robots that scan the web for security vulnerabilities;

                                                Image result for tickbox icon

                                                Check Sitemap

                                                a sitemap is an XML file that lists URLs for a site along with additional metadata about each URL (when it was last updated, how often it usually changes, and how important it is, relative to other URLs <g class="gr_ gr_9 gr-alert gr_gramm undefined Grammar multiReplace" id="9" data-gr-id="9">in</g> the site) so that search engines can more intelligently crawl the site.

                                                Image result for tickbox icon

                                                Image Alt Test

                                                Check images on your webpage for required alt attributes. If an image cannot be displayed (wrong source, slow connection, etc), the alt attribute provides alternative information. Using keywords and human-readable captions in the alt attributes is a good SEO practice because search engines cannot really see the images. For images with a decorative role (bullets, round corners, etc) you are advised to use an empty alt or a CSS background image.

                                                0 Comments

                                                Related image

                                                What’s new in Sitecore 9.1?

                                                Sitecore Host Base

                                                Sitecore is going to extract the services in Sitecore.kernel into individual independent services i.e. caching, logging, messaging etc. and make them single responsibility. 

                                                image

                                                Sitecore Host is a console application built with .Net core. It’s a abstracted host base, brings a common platform for developing additional functionality.  It supports both .net core  and full framework.  It is powering apps and services like Sitecore Identity, Horizon, as well as universal tracker.

                                                image


                                                Sitecore Identity

                                                Sitecore identity is a plug-in to the open source, it provides single sign on, allows to combine with external AMI system, and old membership.

                                                image


                                                Horizon

                                                Horizon is the next generation experience for content management, it reduces time to value significantly with focus on the need of tomorrows user profiles.  out of the box features for easy adoption and utilization of the full Stiecore potential. It also provides a user interface that is just as powerful and innovative as the engine behind.

                                                It provides a personalized hub into the world of Sitecore services, creating experiences powered by insights, as well as controlling and optimizing all marketing activities.

                                                image

                                                The architecture o f Horizon as shown below. As mentioned above, Horizon is one of the service built with .net core and hosted on Sitecore host base. It communicates with Sitecore Content Management Sever via message bus.

                                                image


                                                Cortex

                                                Sitecore Cortex is a Machine Learning engine for generating real-time insights of customer data. Cortex will become the key of future smart CMS.


                                                Universal Tracker

                                                Universal tracker allows mobile developers for tracking all user interactions, and soon Sitecore mobile SDK will support personalization on mobile native apps.

                                                0 Comments

                                                Image result for WFFM Sitecore

                                                Have you ever seen “sitecore://web/{358B0E87-893A-45A8-A707-D19A32962DFF}?lang=en&ver=1” this value? If you are using WFFM with attachment field, you are most likely going to see this value in the Excel file downloaded from the form.  This is because WFFM doesn’t manipulate data during exporting data into Excel, which means data formatting will be the same as it’s stored in the database.  


                                                Understand how it works

                                                For solving the issue, let’s get understood how it works.  First of all, what’s the Guid in the URL?  It’s a media library item ID.  If you search the ID in Sitecore, you can find that item in media library.  The attachment will be created in Media Library Once the form is submitted.   By default,  it’s stored in Master database, however you are allowed to change to Web database with below settings.  In my case,  I don’t want to change this to store in web database, as the attachment is not mean to be accessible from public.    

                                                <setting name="WFM.MasterDatabase" value="web" />

                                                The attachment is just a media library item, which you use MediaManager.GetMediaUrl for getting the URL (As shown in screenshot below)

                                                image


                                                Solutions

                                                Now, you should understand how it works, and let’s fix the export value together.  First of all, we need to find out which pipeline is for exporting the data into Excel. Luckily, It’s not so hard to find. It’s registered in the exportToExcel pipeline:

                                                image

                                                Next is to customize the ExportFormDataToExcel function, here is the code snippets

                                                Finally, if you export data into Excel again, the wired URL is fixed with a valid media item URL!. 

                                                0 Comments

                                                Today I came across a publishing issue in our UAT environment.  After I clicked the publish, the publish popup window doesn’t display and in the console log it is showing an error  “because it set multiple X-Frame-Options” headers with conflicting values (‘SAMEORIGIN, Allow-From’…) Falling back to ‘deny’.” as shown below.

                                                image

                                                image

                                                 

                                                So, I checked the web.config file and noticed that someone added  “ALLOW-FORM” X-Frame-Option in web.config.

                                                image

                                                The error is because from sitecore 8.1 update 3 onwards sitecore introduce default module to add X-FRAME-OPTION Sameorigin using below module

                                                <add type="Sitecore.Web.XFrameOptionsHeaderModule, Sitecore.Kernel" name="SitecoreXFrameOptionsHeaderModule" />

                                                0 Comments

                                                 

                                                Recently, I’ve been working on Sitecore commerce project. In the post below, I’m going to share the experience about how I troubleshoot the issue and get it solved eventually.

                                                Issue

                                                The issue I encountered in creating a commerce user.  customerServiceProvider “createUser” throws an exception

                                                An element with the specified key already exists., however the commerce user and sitecore user were successfully created. So WHY?

                                                 

                                                Troubleshooting

                                                The initial suspicion was there are some duplications in the database. so I double checked UserObject table, the Addresses table (because I also add billing address and shipping address for the user), as well as the aspnet_Users table in Core database.   Unfortunately they all looks clean and right, no duplications.

                                                Then I thought that maybe there are some other tables gets updated while creating a new user, so I opened the “SQL Server Profiler” tool trying to track all the database queries.  NO luck.

                                                 

                                                an-idea

                                                Ultimately, I found the issue. it was because when delete a user in Sitecore, it does delete both commerce user and Sitecore user, BUT not contacts in xDB.  Just for the proof of concept, I removed the contact and identifier from xDB. Bingo! It fixed the issue.